Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b7187a54 by Moritz Muehlenhoff at 2026-06-21T20:15:19+02:00
trixie triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -609,7 +609,13 @@ CVE-2026-46699 (conda-smithy is a tool for combining a 
conda recipe with configu
        NOT-FOR-US: conda-smithy
 CVE-2026-45696 (OpenEXR is the reference implementation and specification for 
the EXR  ...)
        - openexr <unfixed>
+       [trixie] - openexr <not-affected> (Vulnerable code not present)
+       [bookworm] - openexr <not-affected> (Vulnerable code not present)
+       [bullseye] - openexr <not-affected> (Vulnerable code not present)
        NOTE: 
https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-gjpj-qv64-vwhf
+       NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/2397
+       NOTE: Introduced by 
https://github.com/AcademySoftwareFoundation/openexr/commit/50ba96b1dbe353a98a626c7fd0ff1e50cc8c188f
 (v3.4-alpha)
+       NOTE: Fixed by: by 
https://github.com/AcademySoftwareFoundation/openexr/commit/c7af2d233b7b2a4452c11f26cf47584cc2b35721
 (v3.4.13-rc)
 CVE-2026-44663 (OpenEXR is the reference implementation and specification for 
the EXR  ...)
        - openexr <unfixed>
        NOTE: 
https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-777r-f9x8-7r84
@@ -818,6 +824,7 @@ CVE-2026-46580 (In Eclipse Theia versions prior to 1.71.0, 
files matching the pa
        NOT-FOR-US: Eclipse
 CVE-2026-44942 (A path traversal in handling the "path" component of .repo 
files proce ...)
        - libzypp 17.38.13-1
+       [trixie] - libzypp <no-dsa> (Minor issue)
        NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1267874
 CVE-2026-44691 (In Eclipse Theia versions prior to 1.69.0, custom task 
definitions in  ...)
        NOT-FOR-US: Eclipse



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7187a54d85318bef9d310fd7cd2c1416ea3ac87

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7187a54d85318bef9d310fd7cd2c1416ea3ac87
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to